On Tue, Mar 08, 2005 at 12:46:59AM -0500, sean finney wrote: > On Tue, Mar 08, 2005 at 12:46:46AM +0100, David Härdeman wrote: > > o In order to minimize the exposure of the key, it might be wise to > > mount the drive, load the keys (ssh,gpg) into the memory of the > > appropriate agents and then unmount the drive. On the other hand, does > > this actually provide any extra security as opposed to having the key > > mounted for the entire session? > i have a usb/hotplug/ssh-add script that loads an ssh key off of a usb > stick, and removes it when the usb stick is removed. if you're > interested i can send you a copy off-list. Any reason not to post it on-list? I was hoping to improve the security/usability of my own setup based on the best practices offered up in reply to this thread. -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature